I thought about developing a community based open (CC0 licensed) hardening standard and tool which allows giving more details about the system to be hardened to cover even more hardening options. I'm working as an Information Security Auditor and most companies I have audited are using CIS standards for this. While they are free, they are proprietary and you are not allowed to build products on top of these standards. Additionally these standards are relatively generic and I don't know anybody who knows the decision process on their standards. Also, the Windows standards doesn't even recommend using Windows application allowlisting functionalities such as AppLocker or WDAC.
